Get Started. It's Free
or sign up with your email address


1.1. Inputs

1.1.1. Proj Charter / PMP /Prj Docs (SH Regis) / EEF / OPA

1.2. T&T

1.2.1. Expert J, / Data Analy (S H analysis) / Meeting (kick off)

1.3. Output

1.3.1. Risk Mgt Plan How risk management activities will be structured and performed Risk Strategy Methodology Roles n responsibility Funding Timing (Project Life cycle) Risk Categories determining risk methodology +risk strategy


2.1. Identify + documentation of existing individual project risks and the sources of overall project risk

2.1.1. throughout the project / Iterative

2.1.2. project manager, project team members, project risk specialist (if assigned), customers, subject matter experts from outside the project team, end users, other project managers, operations managers, stakeholders, and risk management experts within the organization.

2.1.3. Nominate Risk Owners

2.2. Inputs

2.2.1. PM Pln - Requrmt. ; Schedule; Cost mgt ; Resource : risk ; scope+schedule+cost baseline ; /Pro. Docs (SH Regis) / Agreements / EEF / OPA

2.2.2. Project Doc SH Reg / Risk Report / Issue Log / Requit. Doc / Assumpt Log

2.2.3. Agreements

2.2.4. Procurement doc seller performance reports, approved change requests and information on inspections.

2.3. T&T

2.3.1. Expert J, / Data Analy (S H analysis) / Meeting (kick off)

2.3.2. Data Analy Brainstorming (a comprehensive list of individual project risks a) Chk list similar completed projects, list of items, actions, or points /Reminder Interview experienced project participants, stakeholders, and subject matter experts ; Trust / Encourage Root Cause Analyses causes -lead to a problem, and develop preventive action. SWOT analys,

2.3.3. Interpersonal & team skills Facilitation focused on the risk identification task, follow the method associated with the technique accurately, ensure clear risk descriptions, identify and overcome sources of bias, resolve any disagreements that may arise

2.3.4. Prompt list Prompt List predetermined list of risk categories that might give rise to individual project risk lowest level of the risk breakdown structure PESTLE - political, economic, social, technological, legal, environmental) TECOP VUCA

2.3.5. Meeting / risk workshop

2.3.6. Agreements milestone dates, contract type, acceptance criteria, and awards and penalties

2.3.7. Interview experienced project participants, stakeholders, and subject matter experts

2.4. Output

2.4.1. Risk Register Identified individual project risks Perform Qualitative Risk Analysis, Plan Risk Responses, Implement Risk Responses, and Monitor Risks identified risks, Potential risk owner and List of potential risk responses short risk title, risk category and status, risk triggers, WBS reference and timing information

2.4.2. Risk Report explains the overall project risks and provides summaries about the individual project risks overall project risk, together with summary information on identified individual project risks

2.4.3. Assumption Log

3. Perform Qualitative Risk Analysis

3.1. prioritizing individual project risks for further analysis

3.2. Probability + impact analysis

3.2.1. Probability & impact matrix

3.3. Subjective analysis/quality assesment

3.4. Focus on high priority risk

3.5. Agile - before start of every iteration

3.6. foundation for Perform Quantitative Risk Analysis

3.7. T& T

3.7.1. Expert Judg.

3.7.2. Data Gathering

3.7.3. Data Analysis Risk data quality assessment accurate and reliable Risk probability and impact assessment likelihood that a specific risk will occur. Assessment of other risk parameters Urgency -speed with which you would have to do something about the risk/ which a response to the risk is to be implemented - short period -.> high risk :Proximity - Manageability - how easily handle the impact Controllability -degree to control d impact Detectability : Connectivity :Higher -.> higher risk Strategic impact - Propinquity - very close to the heart of someone Dormancy - How soon do we feel

3.7.4. Interpersonal & Team skill Facilitation Skilled facilitator -

3.7.5. Risk Categorisation RBS Grouping risks into categories

3.7.6. Data representation Probability and impact matrix Hierarchical charts.


3.8.1. Project documents update Assumption log/issue log/risk register/ risk report

4. Perform Quantitative Risk Analysis

4.1. quantifies overall project risk exposure

4.2. not required for every project,

4.3. additional quantitative risk information

4.4. T&T

4.4.1. Simulation (Montecarlo analysis) When significant uncertainty -need to make an estimate/forecast /decision where there is Computer aid analysis

4.4.2. Sensitivity Analysis (Tornado diagram) to determine which individual project risks or other sources of uncertainty - most potential impact which risks have the most potential impact on the project. The longer the bar, High sensitive the risk. largest impact on the top /least impact on the bottom.

4.4.3. Decision Tree analysis to support selection of the best of several alternative

4.4.4. Influence diagram check the dependencies of tasks on each other

4.4.5. EMV= I * P to quantify risks and calculate the contingency reserve. The sum of the EMV of all events is the contingency reserve.

5. Plan Risk Response

5.1. how to make a proper response to a risk

5.1.1. minimize individual threats, /maximize individual opportunities/ reduce overall project risk exposure

5.1.2. appropriate

5.1.3. cost-effective

5.1.4. realistic

5.1.5. agreed upon by all parties involved,

5.1.6. owned by a responsible person


5.2.1. PM Pln Resource management plan how resources allocated to agreed-upon risk responses Risk management plan Risk management roles and responsibilities risk thresholds Cost baseline

5.2.2. Project documents Lessons learned register effective risk responses used reviewed to determine if similar responses Project schedule how agreed-upon risk responses will be scheduled alongside other project activities. Project team assignments resources that can be allocated to agreed-upon risk responses Resource calendars. resources availability- to be allocated to agreed-upon risk responses Risk register identified and prioritized,-individual risk which risk responses are required nominated risk owner for each risk Risk report. current level of overall risk exposure Prioritized individual project risks Stakeholder register. potential owners for risk responses.

5.3. T&T

5.3.1. STRATEGIES OPPORTUNITIES Exploite Enhance Share Accept THREATS Avoid Mitigate. Transfer Escalate (Programme/portfolio/other) Accept


5.4.1. Change request cost and schedule baselines or other components of the project management plan

5.4.2. PMPln updates

5.4.3. Project Doc updates

6. Implement Risk Response

7. Monitor Risk

7.1. tracking identified risks, identifying and analyzing new risks, and evaluating risk process


7.2.1. PMPln

7.2.2. Proj Docs

7.2.3. WPI project status

7.2.4. WPR

7.3. T&R

7.3.1. Audits

7.3.2. Meetings


7.4.1. WPI

7.4.2. Change Request

7.4.3. PMPln Updates

7.4.4. OPA s update

8. What is Risk

8.1. Uncertain event

8.2. Positive / Negative impact

8.2.1. Positive Impact Oppotunitiy

8.2.2. Negative impact Threat

8.3. Even Based Risk

8.3.1. a key seller may go out / Cus may change the requirement

8.4. Non event based Risk

8.4.1. Variability Risk Uncertainty exists - planned event or activity or decision. the number of errors found during testing may be higher or lower than expected unseasonal weather conditions addressed using Monte Carlo analysis productivity may be above or below target,

8.4.2. Ambiguity Risk Uncertainty exists -what might happen in the future future developments in regulatory frameworks inherent systemic complexity in the project

8.4.3. Emergent Risk addressed through incremental development, prototyping, or simulation risks that can only be recognized after they have occurred. Project resilience Integrated Risl Mgnt how well an organization manages its unique set of risks.


9.1. Individual Pr.Risk

9.1.1. effect on one or more project objectives.

9.2. Overall Pr. Risk

9.2.1. effect of uncertainty on the project as a whole

9.3. Non event Risk

9.4. Project Resilience

9.5. Integrated Risk Mgt

9.6. S/H Risk appetite

9.7. Risk Probability & Impact Matrix

9.7.1. numeric values P * I

9.7.2. which allows the relative priority of individual risks to be evaluated within each priority level

9.7.3. What does /low/moderate/high risk mean in terms of impacts on project?

9.8. SWOT Analysis

9.9. Prompt List

9.9.1. predetermined list of risk categories that might give rise to individual project risk

9.9.2. lowest level of the risk breakdown structure

9.9.3. PESTLE - political, economic, social, technological, legal, environmental)

9.9.4. TECOP

9.10. Risk Register

9.11. Risk Report

9.12. Simulation

9.13. Sensitivity Analysis

9.14. Decision Tree Analysis

9.15. Influence Diagram

9.16. (specified range of acceptable results)

9.17. Risk Appetite

9.17.1. Degree of uncertainty willing to take

9.18. Risk Tolerance

9.19. Risk Threshold

9.19.1. The level of risk exposure above which risks are addressed

9.19.2. Below Risk thre- Org will accept d risk

9.19.3. Above R/Thre - Org will not tolerate d risk

9.20. Risk Breakdown Structure (RBS)

9.20.1. A hierarchical representation of potential sources of risks.

10. Management Aim

10.1. Positive Risk /Opportunities - Enhance /Exploite

10.2. Negative Risk / Threat - Mitigate / Avoid

10.3. To keep project risk exposure within an acceptable range

10.4. reducing drivers of negative variation,

10.5. promoting drivers of positive variation

10.6. maximizing the probability of achieving overall project objectives

10.7. should be conducted iteratively

10.8. the project stays on track and emergent risks are addressed.

11. Risk Tailoring

11.1. Project size

11.2. Project complexity

11.2.1. high levels of innovation, new technology, commercial arrangements, interfaces, or external dependencies that increase project complexity

11.3. Project importance

11.4. Development approach.

11.4.1. waterfall project sequentially and iteratively

11.4.2. agile start of each iteration (Identify /analyze/ manage during execution adaptive approaches

12. Risk Categorization

12.1. Known Known

12.1.1. Know for sure

12.2. Known Unknown

12.2.1. Bad weather

12.3. Unknown known

12.4. Unknown Known

12.4.1. Surprise

13. Risk Factors

13.1. Probability

13.1.1. % risk may occur

13.2. Impact

13.2.1. Range of possible outcome

13.3. Timing

13.4. Frequesncy

13.4.1. How often